Rails 3.1 Nears Delivery

May 25, 2011

The open source Ruby on Rails community is gearing up for their next major release.

This week Rails 3.1 was released as a release candidate, debuting new features for streaming, JavaScript integration and security. Rails 3.1 is the first major update to Rails since the 3.0 release in summer of 2010.

"There is some very important stuff in Rails 3.1," Nic Williams, VP of technology at Engine Yard told InternetNews.com.

Williams noted that the new asset pipeline is a key feature. He explained that the asset pipeline makes JavaScript a first-class citizen on Rails.

"Treating JavaScript as a first-class element -- rather than having it off in a public folder -- represents an important improvement," Williams said. "While Ruby is my preferred language, if you're going to be writing JavaScript you want to treat it sensibly."

Rails 3.1 will also support CoffeeScript as the default handler for JavaScript in Rails. JavaScript also benefits from the jQuery support in Rails 3.1. Williams noted that making jQuery the default JavaScript framework represents what most people already do.

Rails 3.1 Performance Boosters

From a production perspective, Williams noted that prepared statements will also make a big difference.

"Prepared statements is one of those things that is ridiculous that we didn't have from the start," Williams said. "For certain database environments this can lead to massive improvements in performance."

For the open source PostgreSQL database, using prepared statements can lead to an up to 10 times performance improvement. In contrast, Williams noted that the difference on the MySQL database is not as pronounced. He added that prepared statements will likely encourage Rails users to use PostgreSQL more than MySQL with Rails.

Rails 3.1 users will also get a performance boost from HTTP Streaming, which will enable Rails apps to download assets while the server response is still in process. HTTP Streaming will improve Rails application performance and it leverages Web server capabilities in the open source nginx server, which is commonly used for Rails deployments.

Rails 3.1 Security Enhancements

From a security perspective, Rails 3.1 also provides developers with a number of improvements. The new Force SSL controller is all about making sure connections are safe and encrypted.

"This module provides a method which redirects browsers to use the HTTPS protocol," the ForceSSL github comments state. "This will ensure that user's sensitive information will be transferred safely over the internet. You _should_ always force browser to use HTTPS when you're transferring sensitive information such as user authentication, account information, or credit card information."

Going a level deeper, password encryption gets a boost with the has_secure_password method.

"Dead-simple BCrypt-based passwords," David Heinemeier Hansson wrote in the Rails 3.1 release announcement. "Now there's no excuse not to roll your own authentication scheme."